League of Legends Philippines Removes ‘Cryptojacking’ Code From Its Client

Security engineers of the Philippine community of major multiplayer video game League of Legends (LoL) have removed Coinhive crypto mining code from its Garena client June 11, according to an official statement from the group’s Facebook.

On July 9, Monero (XMR) mining malware Coinhive was first detected on the LoL client by a player who posted about the issue on the League of Legends subreddit.

According to the group’s Facebook statement, the recent case of Coinhive cryptojacking was caused by “unauthorized modification of the League of Legends PH client lobby where a certain javascript code was inserted.” Garena noted that apart “increased CPU usage,” the security experts found “no other impact on affected computers.”

Founded in 2009 in Singapore, Garena is a platform provider based in Asia. Garena offers gaming platforms for multiplayer online battle arena games League of Legends and Heroes of Newerth, as well as the online soccer game FIFA Online 3, and shooter games Point Blank and Alliance of Valiant Arms.

Cryptojacking malware activity has reportedly surged by 629 percent in the first quarter of 2018, with Monero mining Coinhive going epidemic on the Internet. However, the volumes of Monero generated from malicious cryptojacking amount to just around 5 percent.

On June 12, Japanese police started investigating a case of cryptojacking involving Monero-mining software Coinhive, which became the first criminal case involving cryptocurrency mining in Japan.

Subsequently, on June 16, Japanese prosecutors from 10 prefectures arrested 16 individuals suspected of involvement in an ongoing criminal case of cryptojacking, with the Sendai District Court eventually sentencing a 24-year old of the city of Amagasaki in Hyogo prefecture to one year in prison.